def member_security(): if not ('unchange' in session and session['unchange']): return redirect(url_for('index_index')) if request.method == 'POST': new_password = request.form['pass'] if new_password.strip() == "": return render_template('member/security.html', message=u"請輸入新密碼", type="error") database.doing_sql("insert into user_info values(?, ?, ?, ?, '')", (session['uid'], sha512(new_password).hexdigest(), session['username'], session['class'],)) del session['unchange'] return redirect(url_for("index_index")) else: return render_template('member/security.html')
def member_index(): if request.method == 'POST': try: username = request.form['user'] password = request.form['pass'] if database.doing_sql("select * from user_info where u_id=? limit 1", (username,)) == []: s = requests.session() payload = { 'uid': username, 'pwd': password } result = s.post('http://140.127.113.231/kuas/perchk.jsp', data=payload).content if 'f_index.html' in result: tree = etree.HTML(s.get('http://140.127.113.231/kuas/f_head.jsp').content) info = tree.xpath("//div//span") session['uid'] = username session['username'] = info[2].text session['class'] = info[1].text session['unchange'] = True return redirect(url_for('member_security')) else: message = u"帳號/密碼錯誤" else: password = sha512(password).hexdigest() user = database.doing_sql("select * from user_info where u_id=? and u_pass=? limit 1", (username, password, )) if user == []: message = u"帳號/密碼錯誤" else: user = user[0] (uid, passwd, name, _class, club) = user session['uid'] = uid session['username'] = name session['class'] = _class return redirect(url_for("index_index")) except KeyError: message = u"登入資訊錯誤" return render_template('member/index.html', message=message, type='error') else: return render_template('member/index.html')